in src/Saas.Lib/Saas.Identity/Authorization/Handler/SaasUserPermissionAuthorizationHandler.cs [11:30]
public sealed class SaasUserPermissionAuthorizationHandler(
IHttpContextAccessor httpContextAccessor,
IOptions<SaasAuthorizationOptions> saasAuthorizationOptions)
: SaasPermissionAuthorizationHandlerBase<SaasUserPermissionRequirement, UserPermissionKind>(httpContextAccessor, saasAuthorizationOptions)
{
protected override bool IsValidPermission(
SaasPermissionClaim<UserPermissionKind> permission,
AuthorizationHandlerContext context,
SaasUserPermissionRequirement requirement)
{
var userId = context.User.Claims.Where(c => c.Type == ClaimTypes.NameIdentifier).FirstOrDefault()?.Value;
if (!Guid.TryParse(userId, out Guid userIdGuid))
{
userIdGuid = default;
}
return permission.Entity == userIdGuid;
}
}